Vulners
Lucene search
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | CVE-2014-3300 | 29 May 201815:50 | – | circl |
 | CVE-2014-3300 | 7 Jul 201410:00 | – | cvelist |
 | Viproy CUCDM IP Phone XML Services - Call Forwarding Tool | 10 Jan 201506:28 | – | metasploit |
| Viproy CUCDM IP Phone XML Services - Speed Dial Attack Tool | 10 Jan 201506:29 | – | metasploit |
 | CVE-2014-3300 | 7 Jul 201411:01 | – | nvd |
 | Viproy CUCDM IP Phone XML Services Speed Dial Attack Tool | 31 Aug 202400:00 | – | packetstorm |
| Viproy CUCDM IP Phone XML Services Call Forwarding Tool | 31 Aug 202400:00 | – | packetstorm |
 | Improper access control | 7 Jul 201411:01 | – | prion |
 | Cisco Unified Communications Domain Manager multiple security vulnerabilities | 4 Aug 201400:00 | – | securityvulns |
Node
OROR
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| device | query param | /bvsmweb/showcallfwd.cgi | Vulnerability via crafted URL to retrieve call forwarding information for a specific device (MAC) on BVSMWeb leading to unauthorized access. | CWE-264 |
| cfoption | query param | /bvsmweb/phonecallfwd.cgi | Endpoint to configure call forwarding for IP phones; improper access control allows forwarding settings to be modified via GET parameters. | CWE-264 |
| device | query param | /bvsmweb/phonecallfwd.cgi | Endpoint to configure call forwarding for IP phones; improper access control allows forwarding settings to be modified via GET parameters. | CWE-264 |
| ProviderName | query param | /bvsmweb/phonecallfwd.cgi | Endpoint to configure call forwarding for IP phones; improper access control allows forwarding settings to be modified via GET parameters. | CWE-264 |
| fintnumber | query param | /bvsmweb/phonecallfwd.cgi | Endpoint to configure call forwarding for IP phones; improper access control allows forwarding settings to be modified via GET parameters. | CWE-264 |
| telno1 | query param | /bvsmweb/phonecallfwd.cgi | Endpoint to configure call forwarding for IP phones; improper access control allows forwarding settings to be modified via GET parameters. | CWE-264 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 00:07Current
6.5Medium risk
Vulners AI Score6.5
CVSS 27.5
EPSS0.21879